diff options
author | Jesus Cea <jcea@jcea.es> | 2012-10-03 00:13:05 (GMT) |
---|---|---|
committer | Jesus Cea <jcea@jcea.es> | 2012-10-03 00:13:05 (GMT) |
commit | 09bf7a799da7c8b7cdd0f9c5cd789769b8cab2d5 (patch) | |
tree | b7be4368d81231286d2c81bec7bf5100370f7d56 /Modules | |
parent | f532035551368b254e86d0e68004983c107f33f5 (diff) | |
download | cpython-09bf7a799da7c8b7cdd0f9c5cd789769b8cab2d5.zip cpython-09bf7a799da7c8b7cdd0f9c5cd789769b8cab2d5.tar.gz cpython-09bf7a799da7c8b7cdd0f9c5cd789769b8cab2d5.tar.bz2 |
Closes #15897: zipimport.c doesn't check return value of fseek()
Diffstat (limited to 'Modules')
-rw-r--r-- | Modules/zipimport.c | 43 |
1 files changed, 36 insertions, 7 deletions
diff --git a/Modules/zipimport.c b/Modules/zipimport.c index d8c3d8a..d4e4927 100644 --- a/Modules/zipimport.c +++ b/Modules/zipimport.c @@ -741,7 +741,12 @@ read_directory(PyObject *archive_obj) PyErr_Format(ZipImportError, "can't open Zip file: '%U'", archive_obj); return NULL; } - fseek(fp, -22, SEEK_END); + + if (fseek(fp, -22, SEEK_END) == -1) { + fclose(fp); + PyErr_Format(ZipImportError, "can't read Zip file: %R", archive); + return NULL; + } header_position = ftell(fp); if (fread(endof_central_dir, 1, 22, fp) != 22) { fclose(fp); @@ -773,11 +778,13 @@ read_directory(PyObject *archive_obj) PyObject *t; int err; - fseek(fp, header_offset, 0); /* Start of file header */ + if (fseek(fp, header_offset, 0) == -1) /* Start of file header */ + goto fseek_error; l = PyMarshal_ReadLongFromFile(fp); if (l != 0x02014B50) break; /* Bad: Central Dir File Header */ - fseek(fp, header_offset + 8, 0); + if (fseek(fp, header_offset + 8, 0) == -1) + goto fseek_error; flags = (unsigned short)PyMarshal_ReadShortFromFile(fp); compress = PyMarshal_ReadShortFromFile(fp); time = PyMarshal_ReadShortFromFile(fp); @@ -789,7 +796,8 @@ read_directory(PyObject *archive_obj) header_size = 46 + name_size + PyMarshal_ReadShortFromFile(fp) + PyMarshal_ReadShortFromFile(fp); - fseek(fp, header_offset + 42, 0); + if (fseek(fp, header_offset + 42, 0) == -1) + goto fseek_error; file_offset = PyMarshal_ReadLongFromFile(fp) + arc_offset; if (name_size > MAXPATHLEN) name_size = MAXPATHLEN; @@ -849,6 +857,12 @@ read_directory(PyObject *archive_obj) PySys_FormatStderr("# zipimport: found %ld names in %U\n", count, archive_obj); return files; +fseek_error: + fclose(fp); + Py_XDECREF(files); + Py_XDECREF(nameobj); + PyErr_Format(ZipImportError, "can't read Zip file: %R", archive); + return NULL; error: fclose(fp); Py_XDECREF(files); @@ -918,7 +932,12 @@ get_data(PyObject *archive, PyObject *toc_entry) } /* Check to make sure the local file header is correct */ - fseek(fp, file_offset, 0); + if (fseek(fp, file_offset, 0) == -1) { + fclose(fp); + PyErr_Format(ZipImportError, "can't read Zip file: %R", archive); + return NULL; + } + l = PyMarshal_ReadLongFromFile(fp); if (l != 0x04034B50) { /* Bad: Local File Header */ @@ -928,7 +947,12 @@ get_data(PyObject *archive, PyObject *toc_entry) fclose(fp); return NULL; } - fseek(fp, file_offset + 26, 0); + if (fseek(fp, file_offset + 26, 0) == -1) { + fclose(fp); + PyErr_Format(ZipImportError, "can't read Zip file: %R", archive); + return NULL; + } + l = 30 + PyMarshal_ReadShortFromFile(fp) + PyMarshal_ReadShortFromFile(fp); /* local header size */ file_offset += l; /* Start of file data */ @@ -945,8 +969,13 @@ get_data(PyObject *archive, PyObject *toc_entry) buf = PyBytes_AsString(raw_data); err = fseek(fp, file_offset, 0); - if (err == 0) + if (err == 0) { bytes_read = fread(buf, 1, data_size, fp); + } else { + fclose(fp); + PyErr_Format(ZipImportError, "can't read Zip file: %R", archive); + return NULL; + } fclose(fp); if (err || bytes_read != data_size) { PyErr_SetString(PyExc_IOError, |